Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(431)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: mandoline/tab/frame_connection.cc

Issue 1287043004: Use CapabilityFilter to restrict what HTMLViewers can connect to. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: . Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | mojo/application/public/cpp/application_impl.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: mandoline/tab/frame_connection.cc
diff --git a/mandoline/tab/frame_connection.cc b/mandoline/tab/frame_connection.cc
index b96aadaaa96a15ef304f9467792e5a068245ba6d..3e6792db3eba96a04cc71f12576c736270b68408 100644
--- a/mandoline/tab/frame_connection.cc
+++ b/mandoline/tab/frame_connection.cc
@@ -19,7 +19,39 @@ void FrameConnection::Init(mojo::ApplicationImpl* app,
mojo::URLRequestPtr request,
mojo::ViewManagerClientPtr* view_manage_client) {
DCHECK(!application_connection_);
- application_connection_ = app->ConnectToApplication(request.Pass());
+
+ mojo::CapabilityFilterPtr filter(mojo::CapabilityFilter::New());
+ mojo::Array<mojo::String> resource_provider_interfaces;
+ resource_provider_interfaces.push_back("resource_provider::ResourceProvider");
+ filter->filter.insert("mojo:resource_provider",
+ resource_provider_interfaces.Pass());
+
+ mojo::Array<mojo::String> network_service_interfaces;
+ network_service_interfaces.push_back("mojo::NetworkService");
sky 2015/08/12 20:36:16 This strikes me as very fragile. If someone rename
+ network_service_interfaces.push_back("mojo::URLLoaderFactory");
+ filter->filter.insert("mojo:network_service",
+ network_service_interfaces.Pass());
+
+ mojo::Array<mojo::String> clipboard_interfaces;
+ clipboard_interfaces.push_back("mojo::Clipboard");
+ filter->filter.insert("mojo:clipboard", clipboard_interfaces.Pass());
+
+ mojo::Array<mojo::String> surfaces_interfaces;
+ surfaces_interfaces.push_back("mojo::DisplayFactory");
+ surfaces_interfaces.push_back("mojo::Surface");
+ filter->filter.insert("mojo:surfaces_service", surfaces_interfaces.Pass());
+
+ mojo::Array<mojo::String> view_manager_interfaces;
+ view_manager_interfaces.push_back("mojo::Gpu");
+ view_manager_interfaces.push_back("mojo::ViewManagerRoot");
+ filter->filter.insert("mojo:view_manager", view_manager_interfaces.Pass());
+
+ mojo::Array<mojo::String> devtools_interfaces;
+ devtools_interfaces.push_back("devtools_service::DevToolsRegistry");
+ filter->filter.insert("mojo:devtools_service", devtools_interfaces.Pass());
+
+ application_connection_ = app->ConnectToApplicationWithCapabilityFilter(
+ request.Pass(), filter.Pass());
application_connection_->ConnectToService(view_manage_client);
application_connection_->ConnectToService(&frame_tree_client_);
frame_tree_client_.set_connection_error_handler([]() {
« no previous file with comments | « no previous file | mojo/application/public/cpp/application_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698